By Sleepy
Someone used Claude Opus 4.8 to uncover a bug that caused a cryptocurrency's market cap to evaporate by $4.5 billion.
The incident began with a security audit. Zcash is a long-established privacy network that uses zero-knowledge proofs to shield transaction data, and Orchard is the core component of its privacy-preserving protocol.
On May 29, security researcher Taylor Hornby discovered a critical vulnerability in Orchard during a protocol audit commissioned by Shielded Labs. The flaw allowed attackers to mint tokens ex nihilo—essentially enabling infinite token supply.
Zcash completed an emergency upgrade within days. The team officially confirmed the existence of the vulnerability but could not verify whether it had already been exploited for token inflation. After the official statement on June 5, Zcash’s price plummeted by 50%.
Anthropic’s Opus 4.8 was released on May 28; the next day, the vulnerability was identified.
The Zcash incident is alarming—not because of AI’s raw power, but because this time it was powerful in a way that felt almost ordinary.
Before this, the security industry truly feared Anthropic’s Claude Mythos Preview. In April 2026, Anthropic published a cybersecurity capability assessment stating that Mythos Preview could identify and exploit zero-day vulnerabilities in mainstream operating systems and browsers during testing. Some of these flaws were deeply buried, having lain dormant for over a decade—such as one in OpenBSD that traced back 27 years.
The assessment also noted that even an engineer without a security background could use Mythos Preview to hunt for remote code execution vulnerabilities overnight, waking up the next morning to a fully functional exploit payload.
This signaled a shift: a capability once accessible only to a small elite group was now becoming a service anyone could summon on demand. The tool itself holds no moral stance—the difference lies solely in who wields it and what they intend to do with it.
Anthropic understood this risk. Hence, Project Glasswing was launched to restrict access to Mythos Preview, initially providing it only to select organizations for defensive security work. They acknowledged that models at this level require stronger safeguards and stricter usage constraints before being opened to the public.

Yet in the Zcash case, the tool in use wasn’t the locked-down Mythos—it was Opus 4.8, already released, publicly available, and integrated into everyday workflows.
AI entering the security domain has empowered small teams with the auditing capacity of large ones. It accelerates bug detection for maintainers while simultaneously accelerating attackers’ system comprehension.
And the most dangerous threat may not come from the strongest model—but from one that is strong enough, affordable enough, and widespread enough.
The more common the model, the more people can wield it. The question thus shifts from “Can AI find bugs?” to “What happens when everyone can?”
Once AI lowers the cost of vulnerability discovery, two phenomena emerge.
One is false positives: a flood of reports that look credible but fail validation. The other is genuine findings—long-hidden flaws deep within systems, previously requiring weeks or months of expert effort to uncover, now surfacing rapidly.
The former overwhelms maintainers; the latter breaches systems. Worse still, both arrive simultaneously.
Cybersecurity has long operated under an ideal narrative: white hats discover vulnerabilities, disclose responsibly, vendors patch, users benefit.
For years, the world ran roughly along this script. But when AI drastically lowers the barrier to “finding vulnerabilities,” and when anyone with a public model can search for bugs, the floodgates open to those chasing bounties or reputation. Many of them simply copy-paste prompts, instructing the model to generate a plausible-sounding report. The report may not be real.
Yet regardless of authenticity, maintainers must treat every submission seriously.

In February 2026, OpenSSF hosted a discussion on “AI-generated junk reports,” focusing on how open-source maintainers should respond to low-quality, AI-produced vulnerability disclosures. curl reported that by mid-2025, only about 5% of bounty submissions were genuine vulnerabilities, while around 20% appeared to be low-quality content generated by AI. OpenSSF described such reports as a form of DDoS—but instead of attacking infrastructure, they attack human attention.
Open-source maintainers are not customer support centers. Many lack salaries, security teams, or fixed schedules. Yet a single project may underpin countless commercial systems. Companies that rely on open source to cut costs rarely compensate maintainers—but when something breaks, they immediately ask why it wasn’t fixed sooner.
curl eventually shut down its bounty program due to burnout. Security reports were meant to be part of the defense line, but when flooded with garbage, the line turns inward and consumes those guarding it.
AI has democratized the ability to submit vulnerability reports, but not the ability to assess their validity. The capacity to generate a report does not equal understanding it. The ability to run verification code does not mean comprehending its impact.
Even more troubling: we already live in a world where AI can uncover countless real vulnerabilities.
The internet’s greatest illusion is that if something runs, it must be reliable.
Your phone processes payments, your subway ticket scans instantly, your hospital appointment goes through. Even your cloud storage still holds a photo from ten years ago—something you’ve forgotten, but it hasn’t. These systems work daily, so we assume they’re flawless. Trust in technology often isn’t trust—it’s apathy.
But code is like an old building constantly being expanded: beneath lie outdated protocols and libraries, above are temporary features and “ship now, fix later” decisions, and at the top, legacy code no one dares delete. Lights stay on, elevators keep running, the landlord says all is well. But no one knows if there are cracks in the walls.

Heartbleed is a textbook example. A vulnerability in OpenSSL allowed attackers to read private keys and passwords from server memory—discovered and patched only in 2014 after lying dormant for over two years. During that time, over 60% of active websites worldwide ran on affected servers. For two years, much of the internet operated nearly exposed—no one knew.
Then there’s sudo’s Baron Samedit. In 2021, Qualys revealed that this flaw had existed in sudo for nearly a decade. sudo is one of the most widely used privilege-management tools in the Unix/Linux ecosystem.
Countless similar cases exist. When viewed together, they reveal a startling truth: our ability to browse the internet safely until today has been less due to robustness and more due to luck.
Why did these vulnerabilities remain undiscovered for so long?
The answer is simple: the cost of finding them was too high.
Cost wasn’t just financial—it involved time, patience, and meticulous work. One must read code, set up environments, understand protocols, reproduce edge cases, write validation scripts, assess impact scope, and distinguish true positives from false alarms. Sometimes a script runs all night with no result; a path is tested to exhaustion, only to find it’s unreachable. Real-world security researchers and hackers often spend their days tormenting themselves with fragmented, broken details.
Many past vulnerabilities stayed hidden not because they were mysterious, but because the number of people willing, able, and persistent enough to keep searching was vanishingly small.
AI has changed precisely this cost structure.
Previously, too many corners, too few flashlights. Now flashlights are being mass-produced.
But the same flashlight reveals both cracks—and exploitable entry points. The moment AI makes “discovery” cheap, it simultaneously makes “exploitation” cheap too. Someone today submits a low-quality report to an open-source project using AI; tomorrow, they apply the same method to scan a corporate system. Today chasing bounties; tomorrow targeting on-chain funds.
We don’t feel “internet security” until something actually goes wrong.
You open Alipay, scan, pay, receive—everything takes under three seconds. You never think about the layers of risk controls, device fingerprinting, behavioral analysis, anti-fraud measures, vulnerability response, and emergency plans behind the scenes.
In May 2026, Ant Financial’s Security Response Center (AntSRC) launched a “Hunter Action” bug bounty campaign, covering products including Alipay, Huabei, Jiebei, Ant Wealth, Wangshang, Shuke, and Ant International. High-risk and severe vulnerabilities in payment, fund, and billing systems earned up to 5x rewards, reaching up to ¥71,500.
Larger companies know they can’t rely solely on internal teams to catch all issues, so they formally integrate external white-hat groups into their workflows. Security functions like a long chain of collaboration: someone discovers an attack, someone else verifies and classifies it, someone patches it, someone ensures normal users aren’t harmed. Break any link in this chain, and the entire system fails.
In its October 2025 security posture report, Alibaba Cloud stated that its platform defended against an average of 6.245 billion attacks per day for clients, blocked 27,500 malicious IPs, monitored and intercepted 102,800 DDoS attacks that month, peaking at 2,100 Gbps.

What we call “normal browsing” is actually a narrow path painstakingly carved out from a sea of anomalies by security engineers. The internet has never been quiet.
Open-source maintainers lack budgets, schedules, or emergency teams. Large corporations can afford these resources. But even they depend on a long, fragile chain of human collaboration to reduce anomalies to a level invisible to end users.
This chain was already operating at full capacity before AI entered at scale. Now, we’re pouring in exponentially more vulnerabilities and reports. Are defenders ready to handle the load?
The ISC2 2024 Cybersecurity Workforce Report estimates that globally, around 5.5 million cybersecurity professionals are currently employed, yet the talent gap stands at 4.8 million—a 19% year-on-year increase. This “gap” isn’t about job listings on recruitment platforms; it’s the difference between the number of people organizations believe they need to be adequately protected and the number actually available.
These figures are simple: there are far more vulnerabilities than there are people to fix them.
It’s not just about headcount—it’s about skilled personnel. The report notes that 67% of respondents said their organization faces a cybersecurity staffing shortage, and 58% believe this shortage exposes them to significant risk. 31% reported having no junior-level staff, and 15% said they lacked employees with 1–3 years of experience. Many organizations don’t just lack workers—they lack pipelines to train the next generation.
This is worse than mere hiring difficulty. Not having junior staff means future hiring will remain impossible.

A domestic report, *Cybersecurity Talent Development Report in the AI Era*, provides further insight: in 2025, 46.2% of surveyed professionals earned between ¥200,000 and ¥300,000 annually before tax. The market values mid-tier talent highly because individuals capable of handling complex threats and making sound judgments during incidents remain exceedingly rare. The report also found that 56.5% of respondents said AI has shifted their focus toward analyzing complex threats, while 33.0% indicated a move from execution to strategic planning.
This point is crucial.
What we desperately lack today is someone who can, in the middle of the night, parse a vulnerability, assess its impact, coordinate upstream and downstream teams, and craft a patch. Security is never about sudden inspiration—it’s about grueling, tedious labor. Break down the term “cybersecurity,” and you’ll find only false positives, blame-shifting, endless patches, constant meetings, and that 3 a.m. phone call pulling you from sleep.
Camus wrote a novel titled *The Plague*.
The story unfolds in a modest North African town. A plague erupts suddenly. The gates close. Everyone is trapped. Daily life shatters overnight. People first panic, then grow numb, then adapt. When the plague finally recedes and the gates reopen, streets fill with laughter again.
At the novel’s end, Camus writes: “According to medical records, the plague bacillus never dies out nor disappears. It can survive for decades in furniture, clothing, bedding. It waits patiently in rooms, cellars, trunks, handkerchiefs, and discarded papers. Perhaps one day, the plague will awaken its rats, sending them to bury themselves in some happy city, so that humanity may suffer once more and learn anew.”
I’ve always thought this passage perfectly describes software vulnerabilities.
They weren’t born the moment they were discovered. They’ve lain dormant in code for years, unnoticed—so we mistook silence for safety.
Our routines, so taken for granted, all run on code. Code carries old debts. Old debts weren’t repaid earlier because there were few creditors. Now, with AI, the number of creditors has exploded.
The danger isn’t just that hackers are multiplying. On the other side of the system, the number of people capable of resolving issues hasn’t grown proportionally.
This is the core struggle of the AI-powered security era: capability spreads freely, but responsibility does not. Discovering a vulnerability is getting cheaper by the day—but fixing it remains as costly as ever. Destruction can be replicated endlessly via scripts, but trust must be rebuilt one system, one team, at a time.
AI won’t destroy the internet overnight. Its role is more like turning on the lights. We finally see: digital life is not an automatic natural order, but a daily act of human effort to suppress risk to a level we barely notice.
What will become truly expensive in the future? Not finding bugs. But whether there are still enough people willing to fix them—one by one.
Original article: BlockBeats
Disclaimer: Contains third-party opinions; does not constitute financial advice.